mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-09-30 17:49:58 +03:00
spice-gtk: fix symlink errors, add withPolkit option
This commit is contained in:
parent
e718df678d
commit
e26810069e
@ -1,8 +1,29 @@
|
|||||||
{ stdenv, fetchurl, pkgconfig, spice-protocol, gettext, celt_0_5_1
|
{ stdenv, fetchurl, pkgconfig, spice-protocol, gettext, celt_0_5_1
|
||||||
, openssl, libpulseaudio, pixman, gobjectIntrospection, libjpeg_turbo, zlib
|
, openssl, libpulseaudio, pixman, gobjectIntrospection, libjpeg_turbo, zlib
|
||||||
, cyrus_sasl, python2Packages, autoreconfHook, usbredir, libsoup
|
, cyrus_sasl, python2Packages, autoreconfHook, usbredir, libsoup
|
||||||
, polkit, acl, usbutils, vala
|
, withPolkit ? true, polkit, acl, usbutils
|
||||||
, gtk3, epoxy }:
|
, vala, gtk3, epoxy }:
|
||||||
|
|
||||||
|
# If this package is built with polkit support (withPolkit=true),
|
||||||
|
# usb redirection reqires spice-client-glib-usb-acl-helper to run setuid root.
|
||||||
|
# The helper confirms via polkit that the user has an active session,
|
||||||
|
# then adds a device acl entry for that user.
|
||||||
|
# Example NixOS config to create a setuid wrapper for the helper:
|
||||||
|
# security.wrappers.spice-client-glib-usb-acl-helper.source =
|
||||||
|
# "${pkgs.spice-gtk}/bin/spice-client-glib-usb-acl-helper";
|
||||||
|
# On non-NixOS installations, make a setuid copy of the helper
|
||||||
|
# outside the store and adjust PATH to find the setuid version.
|
||||||
|
|
||||||
|
# If this package is built without polkit support (withPolkit=false),
|
||||||
|
# usb redirection requires read-write access to usb devices.
|
||||||
|
# This can be granted by adding users to a custom group like "usb"
|
||||||
|
# and using a udev rule to put all usb devices in that group.
|
||||||
|
# Example NixOS config:
|
||||||
|
# users.groups.usb = {};
|
||||||
|
# users.users.dummy.extraGroups = [ "usb" ];
|
||||||
|
# services.udev.extraRules = ''
|
||||||
|
# KERNEL=="*", SUBSYSTEMS=="usb", MODE="0664", GROUP="usb"
|
||||||
|
# '';
|
||||||
|
|
||||||
with stdenv.lib;
|
with stdenv.lib;
|
||||||
|
|
||||||
@ -18,11 +39,16 @@ in stdenv.mkDerivation rec {
|
|||||||
sha256 = "1vknp72pl6v6nf3dphhwp29hk6gv787db2pmyg4m312z2q0hwwp9";
|
sha256 = "1vknp72pl6v6nf3dphhwp29hk6gv787db2pmyg4m312z2q0hwwp9";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
postPatch = ''
|
||||||
|
# get rid of absolute path to helper in store so we can use a setuid wrapper
|
||||||
|
substituteInPlace src/usb-acl-helper.c \
|
||||||
|
--replace 'ACL_HELPER_PATH"/' '"'
|
||||||
|
'';
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
spice-protocol celt_0_5_1 openssl libpulseaudio pixman
|
spice-protocol celt_0_5_1 openssl libpulseaudio pixman
|
||||||
libjpeg_turbo zlib cyrus_sasl python pygtk usbredir gtk3 epoxy
|
libjpeg_turbo zlib cyrus_sasl python pygtk usbredir gtk3 epoxy
|
||||||
polkit acl usbutils
|
] ++ optionals withPolkit [ polkit acl usbutils ] ;
|
||||||
];
|
|
||||||
|
|
||||||
nativeBuildInputs = [ pkgconfig gettext libsoup autoreconfHook vala gobjectIntrospection ];
|
nativeBuildInputs = [ pkgconfig gettext libsoup autoreconfHook vala gobjectIntrospection ];
|
||||||
|
|
||||||
@ -34,16 +60,6 @@ in stdenv.mkDerivation rec {
|
|||||||
"--enable-vala"
|
"--enable-vala"
|
||||||
];
|
];
|
||||||
|
|
||||||
# usb redirection needs spice-client-glib-usb-acl-helper to run setuid root
|
|
||||||
# the helper then uses polkit to check access
|
|
||||||
# in nixos, enable this with
|
|
||||||
# security.wrappers.spice-client-glib-usb-acl-helper.source =
|
|
||||||
# "${pkgs.spice_gtk}/bin/spice-client-glib-usb-acl-helper.real";
|
|
||||||
postFixup = ''
|
|
||||||
mv $out/bin/spice-client-glib-usb-acl-helper $out/bin/spice-client-glib-usb-acl-helper.real
|
|
||||||
ln -sf /run/wrappers/bin/spice-client-glib-usb-acl-helper $out/bin/spice-client-glib-usb-acl-helper
|
|
||||||
'';
|
|
||||||
|
|
||||||
dontDisableStatic = true; # Needed by the coroutine test
|
dontDisableStatic = true; # Needed by the coroutine test
|
||||||
|
|
||||||
enableParallelBuilding = true;
|
enableParallelBuilding = true;
|
||||||
|
Loading…
Reference in New Issue
Block a user